Re: ipfwadm question

To: Mario Olimpio de Menezes <mario@curiango.ipen.br>
Cc: Debian User List <debian-user@lists.debian.org>
Subject: Re: ipfwadm question
From: Michele Dalla Silvestra <dalla@pluto.linux.it>
Date: Wed, 27 Aug 1997 10:39:21 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.3.96.970827103359.1101C-100000@venus.dalla.net>
Reply-to: Michele Dalla Silvestra <dalla@pluto.linux.it>
In-reply-to: <[🔎] Pine.LNX.3.96.970826152915.3280A-100000@aguia.ipen.br>

On Tue, 26 Aug 1997, Mario Olimpio de Menezes wrote:

> 	My linux box acts as a ip-masq for the internal sub-net of
> Windows machines. It has 3 cards: one for output to Internet, with a
> valid IP address and 2 for the internal sub-net.
> 	IP-Masq is working OK; all machines can telnet, browse, ftp, etc
> to external servers on Internet, being masquerade with the Linux IP.
> 	I'm using this sintax:
> # ipfwadm -O -a deny -S 0.0.0.0/0 -D some.site.denied/0
> 
> but isn't working, since I can connect the denied site from a inside
> machine. What is wrong? 

Have you tried:

# ipfwadm -F -p deny
# ipfwadm -F -a masq -S <internal_net> -D 0.0.0.0/0
# ipfwadm -F -i deny -S <internal_net> -D some.site.denied/32
(that is adding a forwarding rule before masquerading)


Ciao

----------------------------------------------------------------------
Dalla Silvestra Michele      Other info: finger://dalla@pluto.linux.it
Key fingerprint = 68 02 A9 C7 FB 05 9E 9C  C7 B6 4A 13 61 25 5B 43


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

References:
- ipfwadm question
  - From: Mario Olimpio de Menezes <mario@curiango.ipen.br>

Prev by Date: Re: Can't get apache to start using my files
Next by Date: Re: xdm and getting to the console..
Previous by thread: ipfwadm question
Next by thread: ide for java?
Index(es):
- Date
- Thread